Posted to commits@syncope.apache.org by il...@apache.org on 2012/03/16 18:55:22 UTC
svn commit: r1301670 [2/2] - in /incubator/syncope/trunk:
client/src/main/java/org/syncope/types/
core/src/main/java/org/syncope/core/audit/
core/src/main/java/org/syncope/core/rest/controller/
core/src/main/java/org/syncope/core/rest/data/ core/src/ma...
Modified: incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/UserController.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/UserController.java?rev=1301670&r1=1301669&r2=1301670&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/UserController.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/UserController.java Fri Mar 16 17:55:21 2012
@@ -18,17 +18,6 @@
*/
package org.syncope.core.rest.controller;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.syncope.core.persistence.beans.user.SyncopeUser;
-import org.syncope.core.persistence.dao.UserDAO;
-import org.syncope.core.propagation.PropagationException;
-import org.syncope.core.rest.data.UserDataBinder;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
@@ -40,9 +29,16 @@ import org.apache.commons.collections.ke
import org.identityconnectors.framework.common.objects.ConnectorObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Controller;
import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
import org.syncope.client.mod.UserMod;
import org.syncope.client.search.NodeCond;
@@ -50,17 +46,24 @@ import org.syncope.client.to.MembershipT
import org.syncope.client.to.PropagationTO;
import org.syncope.client.to.UserTO;
import org.syncope.client.to.WorkflowFormTO;
+import org.syncope.core.audit.AuditManager;
import org.syncope.core.notification.NotificationManager;
import org.syncope.core.persistence.beans.PropagationTask;
+import org.syncope.core.persistence.beans.user.SyncopeUser;
+import org.syncope.core.persistence.dao.UserDAO;
import org.syncope.core.persistence.dao.UserSearchDAO;
+import org.syncope.core.propagation.PropagationException;
import org.syncope.core.propagation.PropagationHandler;
import org.syncope.core.propagation.PropagationManager;
-import org.syncope.core.rest.data.ConnInstanceDataBinder;
+import org.syncope.core.rest.data.UserDataBinder;
import org.syncope.core.util.ConnObjectUtil;
import org.syncope.core.util.EntitlementUtil;
import org.syncope.core.workflow.UserWorkflowAdapter;
import org.syncope.core.workflow.WorkflowException;
import org.syncope.core.workflow.WorkflowResult;
+import org.syncope.types.AuditElements.Category;
+import org.syncope.types.AuditElements.Result;
+import org.syncope.types.AuditElements.UserSubCategory;
import org.syncope.types.PropagationTaskExecStatus;
/**
@@ -79,6 +82,9 @@ public class UserController {
private static final Logger LOG = LoggerFactory.getLogger(UserController.class);
@Autowired
+ private AuditManager auditManager;
+
+ @Autowired
private UserDAO userDAO;
@Autowired
@@ -88,9 +94,6 @@ public class UserController {
private UserDataBinder userDataBinder;
@Autowired
- private ConnInstanceDataBinder connInstanceDataBinder;
-
- @Autowired
private UserWorkflowAdapter wfAdapter;
@Autowired
@@ -111,12 +114,15 @@ public class UserController {
public ModelAndView verifyPassword(@PathVariable("userId") Long userId,
@RequestParam("password") final String password) throws NotFoundException, UnauthorizedRoleException {
+ auditManager.audit(Category.user, UserSubCategory.create, Result.success,
+ "Verified password for: " + userId);
+
return new ModelAndView().addObject(userDataBinder.verifyPassword(userId, password));
}
@PreAuthorize("hasRole('USER_LIST')")
@RequestMapping(method = RequestMethod.GET, value = "/count")
- @Transactional(readOnly = true, rollbackFor = { Throwable.class })
+ @Transactional(readOnly = true, rollbackFor = {Throwable.class})
public ModelAndView count() {
Set<Long> adminRoleIds = EntitlementUtil.getRoleIds(EntitlementUtil.getOwnedEntitlementNames());
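Review bot: The audit call added to verifyPassword runs before `userDataBinder.verifyPassword(userId, password)` and always records `Result.success` under `UserSubCategory.create`. The trail therefore shows a successful user creation even when the user does not exist, the caller is not authorized, or the password does not match. Call the binder first, then audit with the outcome it returns and a sub-category that names the operation; none is visible in this part of the commit, so one may need adding to UserSubCategory. The message rightly leaves the password out and should keep doing so.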
@@ -125,7 +131,7 @@ public class UserController {
@PreAuthorize("hasRole('USER_READ')")
@RequestMapping(method = RequestMethod.POST, value = "/search/count")
- @Transactional(readOnly = true, rollbackFor = { Throwable.class })
+ @Transactional(readOnly = true, rollbackFor = {Throwable.class})
public ModelAndView searchCount(@RequestBody final NodeCond searchCondition) throws InvalidSearchConditionException {
if (!searchCondition.checkValidity()) {
@@ -140,10 +146,10 @@ public class UserController {
@PreAuthorize("hasRole('USER_LIST')")
@RequestMapping(method = RequestMethod.GET, value = "/list")
- @Transactional(readOnly = true, rollbackFor = { Throwable.class })
+ @Transactional(readOnly = true, rollbackFor = {Throwable.class})
public List<UserTO> list() {
- List<SyncopeUser> users = userDAO.findAll(EntitlementUtil
- .getRoleIds(EntitlementUtil.getOwnedEntitlementNames()));
+ List<SyncopeUser> users =
+ userDAO.findAll(EntitlementUtil.getRoleIds(EntitlementUtil.getOwnedEntitlementNames()));
List<UserTO> userTOs = new ArrayList<UserTO>(users.size());
@@ -151,12 +157,15 @@ public class UserController {
userTOs.add(userDataBinder.getUserTO(user));
}
+ auditManager.audit(Category.user, UserSubCategory.list, Result.success,
+ "Successfully listed all users: " + userTOs.size());
+
return userTOs;
}
@PreAuthorize("hasRole('USER_LIST')")
@RequestMapping(method = RequestMethod.GET, value = "/list/{page}/{size}")
- @Transactional(readOnly = true, rollbackFor = { Throwable.class })
+ @Transactional(readOnly = true, rollbackFor = {Throwable.class})
public List<UserTO> list(@PathVariable("page") final int page, @PathVariable("size") final int size) {
Set<Long> adminRoleIds = EntitlementUtil.getRoleIds(EntitlementUtil.getOwnedEntitlementNames());
@@ -167,29 +176,42 @@ public class UserController {
userTOs.add(userDataBinder.getUserTO(user));
}
+ auditManager.audit(Category.user, UserSubCategory.list, Result.success,
+ "Successfully listed all users (page=" + page + ", size=" + size + "): " + userTOs.size());
+
return userTOs;
}
@PreAuthorize("hasRole('USER_READ')")
@RequestMapping(method = RequestMethod.GET, value = "/read/{userId}")
- @Transactional(readOnly = true, rollbackFor = { Throwable.class })
+ @Transactional(readOnly = true, rollbackFor = {Throwable.class})
public UserTO read(@PathVariable("userId") final Long userId) throws NotFoundException, UnauthorizedRoleException {
- return userDataBinder.getUserTO(userId);
+ UserTO result = userDataBinder.getUserTO(userId);
+
+ auditManager.audit(Category.user, UserSubCategory.read, Result.success,
+ "Successfully read user: " + userId);
+
+ return result;
}
@PreAuthorize("hasRole('USER_READ')")
@RequestMapping(method = RequestMethod.GET, value = "/read")
- @Transactional(readOnly = true, rollbackFor = { Throwable.class })
+ @Transactional(readOnly = true, rollbackFor = {Throwable.class})
public UserTO read(@RequestParam("username") final String username)
throws NotFoundException, UnauthorizedRoleException {
- return userDataBinder.getUserTO(username);
+ UserTO result = userDataBinder.getUserTO(username);
+
+ auditManager.audit(Category.user, UserSubCategory.read, Result.success,
+ "Successfully read user: " + username);
+
+ return result;
}
@PreAuthorize("hasRole('USER_READ')")
@RequestMapping(method = RequestMethod.POST, value = "/search")
- @Transactional(readOnly = true, rollbackFor = { Throwable.class })
+ @Transactional(readOnly = true, rollbackFor = {Throwable.class})
public List<UserTO> search(@RequestBody final NodeCond searchCondition) throws InvalidSearchConditionException {
LOG.debug("User search called with condition {}", searchCondition);
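Review bot: Both read() overloads audit only the success path: when `userDataBinder.getUserTO(...)` throws NotFoundException or UnauthorizedRoleException, no audit record is written, so probing for user ids or reading outside one's roles leaves no trace in the trail. The same pattern recurs in the create, update, delete and workflow-form hunks of this file and in the other controllers touched by this commit. Record the failure before rethrowing, as sketched below; this assumes AuditElements.Result has a failure constant, which this part of the commit does not show. Whether an audit write survives the `rollbackFor = {Throwable.class}` rollback depends on AuditManager, which is also not visible here.

```java
public UserTO read(@PathVariable("userId") final Long userId) throws NotFoundException, UnauthorizedRoleException {
    final UserTO result;
    try {
        result = userDataBinder.getUserTO(userId);
    } catch (NotFoundException e) {
        auditManager.audit(Category.user, UserSubCategory.read, Result.failure,
                "Could not read user (not found): " + userId);
        throw e;
    } catch (UnauthorizedRoleException e) {
        auditManager.audit(Category.user, UserSubCategory.read, Result.failure,
                "Could not read user (unauthorized): " + userId);
        throw e;
    }
    // … unchanged: success audit and return result …
```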
@@ -199,19 +221,22 @@ public class UserController {
throw new InvalidSearchConditionException();
}
- List<SyncopeUser> matchingUsers = searchDAO.search(EntitlementUtil.getRoleIds(EntitlementUtil
- .getOwnedEntitlementNames()), searchCondition);
+ List<SyncopeUser> matchingUsers = searchDAO.search(EntitlementUtil.getRoleIds(EntitlementUtil.
+ getOwnedEntitlementNames()), searchCondition);
List<UserTO> result = new ArrayList<UserTO>(matchingUsers.size());
for (SyncopeUser user : matchingUsers) {
result.add(userDataBinder.getUserTO(user));
}
+ auditManager.audit(Category.user, UserSubCategory.read, Result.success,
+ "Successfully searched for users: " + result.size());
+
return result;
}
@PreAuthorize("hasRole('USER_READ')")
@RequestMapping(method = RequestMethod.POST, value = "/search/{page}/{size}")
- @Transactional(readOnly = true, rollbackFor = { Throwable.class })
+ @Transactional(readOnly = true, rollbackFor = {Throwable.class})
public List<UserTO> search(@RequestBody final NodeCond searchCondition, @PathVariable("page") final int page,
@PathVariable("size") final int size) throws InvalidSearchConditionException {
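Review bot: Both search() overloads file their audit record under `UserSubCategory.read` and log only the hit count, so the trail cannot tell a search from a single-user read and does not say what was searched for. If UserSubCategory has, or can get, a search constant, use it here and in the paged overload in the next hunk. Consider adding `searchCondition` to the message, as the existing `LOG.debug` line already does, after checking that the condition cannot carry attribute values that should stay out of the audit store. The paged overload's body continues outside this hunk.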
@@ -222,14 +247,17 @@ public class UserController {
throw new InvalidSearchConditionException();
}
- final List<SyncopeUser> matchingUsers = searchDAO.search(EntitlementUtil.getRoleIds(EntitlementUtil
- .getOwnedEntitlementNames()), searchCondition, page, size);
+ final List<SyncopeUser> matchingUsers = searchDAO.search(EntitlementUtil.getRoleIds(EntitlementUtil.
+ getOwnedEntitlementNames()), searchCondition, page, size);
final List<UserTO> result = new ArrayList<UserTO>(matchingUsers.size());
for (SyncopeUser user : matchingUsers) {
result.add(userDataBinder.getUserTO(user));
}
+ auditManager.audit(Category.user, UserSubCategory.read, Result.success,
+ "Successfully searched for users (page=" + page + ", size=" + size + "): " + result.size());
+
return result;
}
@@ -253,8 +281,8 @@ public class UserController {
WorkflowResult<Map.Entry<Long, Boolean>> created = wfAdapter.create(userTO);
- List<PropagationTask> tasks = propagationManager.getCreateTaskIds(created, userTO.getPassword(), userTO
- .getVirtualAttributes());
+ List<PropagationTask> tasks = propagationManager.getCreateTaskIds(
+ created, userTO.getPassword(), userTO.getVirtualAttributes());
final List<PropagationTO> propagations = new ArrayList<PropagationTO>();
@@ -284,11 +312,13 @@ public class UserController {
created.getPerformedTasks()));
final UserTO savedTO = userDataBinder.getUserTO(created.getResult().getKey());
-
savedTO.setPropagationTOs(propagations);
LOG.debug("About to return created user\n{}", savedTO);
+ auditManager.audit(Category.user, UserSubCategory.create, Result.success,
+ "Successfully created user: " + savedTO.getUsername());
+
response.setStatus(HttpServletResponse.SC_CREATED);
return savedTO;
}
@@ -302,8 +332,8 @@ public class UserController {
WorkflowResult<Map.Entry<Long, Boolean>> updated = wfAdapter.update(userMod);
- List<PropagationTask> tasks = propagationManager.getUpdateTaskIds(updated, userMod.getPassword(), userMod
- .getVirtualAttributesToBeRemoved(), userMod.getVirtualAttributesToBeUpdated(), null);
+ List<PropagationTask> tasks = propagationManager.getUpdateTaskIds(updated, userMod.getPassword(), userMod.
+ getVirtualAttributesToBeRemoved(), userMod.getVirtualAttributesToBeUpdated(), null);
final List<PropagationTO> propagations = new ArrayList<PropagationTO>();
@@ -333,9 +363,11 @@ public class UserController {
updated.getPerformedTasks()));
final UserTO updatedTO = userDataBinder.getUserTO(updated.getResult().getKey());
-
updatedTO.setPropagationTOs(propagations);
+ auditManager.audit(Category.user, UserSubCategory.update, Result.success,
+ "Successfully updated user: " + updatedTO.getUsername());
+
LOG.debug("About to return updated user\n{}", updatedTO);
return updatedTO;
@@ -343,7 +375,7 @@ public class UserController {
@PreAuthorize("hasRole('USER_UPDATE')")
@RequestMapping(method = RequestMethod.POST, value = "/activate")
- @Transactional(readOnly = true, rollbackFor = { Throwable.class })
+ @Transactional(readOnly = true, rollbackFor = {Throwable.class})
public UserTO activate(@RequestBody final UserTO userTO,
@RequestParam(required = false) final Set<String> resourceNames,
@RequestParam(required = false, defaultValue = "true") final Boolean performLocally,
@@ -362,7 +394,7 @@ public class UserController {
@PreAuthorize("hasRole('USER_UPDATE')")
@RequestMapping(method = RequestMethod.GET, value = "/suspend/{userId}")
- @Transactional(rollbackFor = { Throwable.class })
+ @Transactional(rollbackFor = {Throwable.class})
public UserTO suspend(@PathVariable("userId") final Long userId,
@RequestParam(required = false) final Set<String> resourceNames,
@RequestParam(required = false, defaultValue = "true") final Boolean performLocally,
@@ -381,7 +413,7 @@ public class UserController {
@PreAuthorize("hasRole('USER_UPDATE')")
@RequestMapping(method = RequestMethod.GET, value = "/reactivate/{userId}")
- @Transactional(rollbackFor = { Throwable.class })
+ @Transactional(rollbackFor = {Throwable.class})
public UserTO reactivate(final @PathVariable("userId") Long userId,
@RequestParam(required = false) final Set<String> resourceNames,
@RequestParam(required = false, defaultValue = "true") final Boolean performLocally,
@@ -441,6 +473,9 @@ public class UserController {
wfAdapter.delete(userId);
+ auditManager.audit(Category.user, UserSubCategory.delete, Result.success,
+ "Successfully deleted user: " + userTO.getUsername());
+
LOG.debug("User successfully deleted: {}", userId);
return userTO;
@@ -466,53 +501,75 @@ public class UserController {
LOG.debug("About to return updated user\n{}", savedTO);
+ auditManager.audit(Category.user, UserSubCategory.executeWorkflow, Result.success,
+ "Successfully executed workflow action " + taskId + " on user: " + userTO.getUsername());
+
return savedTO;
}
@PreAuthorize("hasRole('WORKFLOW_FORM_LIST')")
@RequestMapping(method = RequestMethod.GET, value = "/workflow/form/list")
- @Transactional(readOnly = true, rollbackFor = { Throwable.class })
+ @Transactional(readOnly = true, rollbackFor = {Throwable.class})
public List<WorkflowFormTO> getForms() {
- return wfAdapter.getForms();
+ List<WorkflowFormTO> forms = wfAdapter.getForms();
+
+ auditManager.audit(Category.user, UserSubCategory.getForms, Result.success,
+ "Successfully list workflow forms: " + forms.size());
+
+ return forms;
}
@PreAuthorize("hasRole('WORKFLOW_FORM_READ') and hasRole('USER_READ')")
@RequestMapping(method = RequestMethod.GET, value = "/workflow/form/{userId}")
- @Transactional(readOnly = true, rollbackFor = { Throwable.class })
+ @Transactional(readOnly = true, rollbackFor = {Throwable.class})
public WorkflowFormTO getFormForUser(@PathVariable("userId") final Long userId)
throws UnauthorizedRoleException, NotFoundException, WorkflowException {
SyncopeUser user = userDataBinder.getUserFromId(userId);
- return wfAdapter.getForm(user.getWorkflowId());
+ WorkflowFormTO result = wfAdapter.getForm(user.getWorkflowId());
+
+ auditManager.audit(Category.user, UserSubCategory.getFormForUser, Result.success,
+ "Successfully read workflow form for user: " + user.getUsername());
+
+ return result;
}
@PreAuthorize("hasRole('WORKFLOW_FORM_CLAIM')")
@RequestMapping(method = RequestMethod.GET, value = "/workflow/form/claim/{taskId}")
- @Transactional(rollbackFor = { Throwable.class })
+ @Transactional(rollbackFor = {Throwable.class})
public WorkflowFormTO claimForm(@PathVariable("taskId") final String taskId)
throws NotFoundException, WorkflowException {
- return wfAdapter.claimForm(taskId, SecurityContextHolder.getContext().getAuthentication().getName());
+ WorkflowFormTO result = wfAdapter.claimForm(taskId,
+ SecurityContextHolder.getContext().getAuthentication().getName());
+
+ auditManager.audit(Category.user, UserSubCategory.claimForm, Result.success,
+ "Successfully claimed workflow form: " + taskId);
+
+ return result;
}
@PreAuthorize("hasRole('WORKFLOW_FORM_SUBMIT')")
@RequestMapping(method = RequestMethod.POST, value = "/workflow/form/submit")
- @Transactional(rollbackFor = { Throwable.class })
+ @Transactional(rollbackFor = {Throwable.class})
public UserTO submitForm(@RequestBody final WorkflowFormTO form)
throws NotFoundException, WorkflowException, PropagationException, UnauthorizedRoleException {
LOG.debug("About to process form {}", form);
- WorkflowResult<Map.Entry<Long, String>> updated = wfAdapter.submitForm(form, SecurityContextHolder.getContext()
- .getAuthentication().getName());
+ WorkflowResult<Map.Entry<Long, String>> updated = wfAdapter.submitForm(form, SecurityContextHolder.getContext().
+ getAuthentication().getName());
List<PropagationTask> tasks = propagationManager.getUpdateTaskIds(new WorkflowResult<Map.Entry<Long, Boolean>>(
- new DefaultMapEntry(updated.getResult().getKey(), Boolean.TRUE), updated.getPropByRes(), updated
- .getPerformedTasks()), updated.getResult().getValue(), null, null);
+ new DefaultMapEntry(updated.getResult().getKey(), Boolean.TRUE), updated.getPropByRes(), updated.
+ getPerformedTasks()), updated.getResult().getValue(), null, null);
propagationManager.execute(tasks);
final UserTO savedTO = userDataBinder.getUserTO(updated.getResult().getKey());
+ auditManager.audit(Category.user, UserSubCategory.submitForm, Result.success,
+ "Successfully submitted workflow form for user: " + savedTO.getUsername());
+
LOG.debug("About to return user after form processing\n{}", savedTO);
return savedTO;
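Review bot: The executeWorkflow audit line at the top of this hunk takes the username from `userTO` although the persisted `savedTO` is in scope on the line just above it. `userTO` is declared outside the hunk; if it is the request body, the audit record carries a client-supplied name rather than the one stored for the account that was actually changed. Prefer `"Successfully executed workflow action " + taskId + " on user: " + savedTO.getUsername()`, matching what submitForm does further down in the same hunk.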
@@ -544,13 +601,13 @@ public class UserController {
// Resources to exclude from propagation.
Set<String> resources = new HashSet<String>();
- if (!performRemotely) {
- resources.addAll(user.getResourceNames());
- } else {
+ if (performRemotely) {
if (resourceNames != null) {
resources.addAll(user.getResourceNames());
resources.removeAll(resourceNames);
}
+ } else {
+ resources.addAll(user.getResourceNames());
}
tasks = propagationManager.getUpdateTaskIds(user, status, resources);
@@ -560,7 +617,10 @@ public class UserController {
final UserTO savedTO = userDataBinder.getUserTO(updated.getResult());
- LOG.debug("About to return suspended user\n{}", savedTO);
+ auditManager.audit(Category.user, UserSubCategory.setStatus, Result.success,
+ "Successfully changed status to " + savedTO.getStatus() + " for user: " + savedTO.getUsername());
+
+ LOG.debug("About to return updated user\n{}", savedTO);
return savedTO;
}
Modified: incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/UserRequestController.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/UserRequestController.java?rev=1301670&r1=1301669&r2=1301670&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/UserRequestController.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/UserRequestController.java Fri Mar 16 17:55:21 2012
@@ -36,11 +36,15 @@ import org.springframework.web.servlet.M
import org.syncope.client.mod.UserMod;
import org.syncope.client.to.UserRequestTO;
import org.syncope.client.to.UserTO;
+import org.syncope.core.audit.AuditManager;
import org.syncope.core.persistence.beans.SyncopeConf;
import org.syncope.core.persistence.beans.UserRequest;
import org.syncope.core.persistence.dao.ConfDAO;
import org.syncope.core.persistence.dao.UserRequestDAO;
import org.syncope.core.rest.data.UserRequestDataBinder;
+import org.syncope.types.AuditElements.Category;
+import org.syncope.types.AuditElements.Result;
+import org.syncope.types.AuditElements.UserRequestSubCategory;
@Controller
@RequestMapping("/user/request")
@@ -52,6 +56,9 @@ public class UserRequestController {
private static final Logger LOG = LoggerFactory.getLogger(UserRequestController.class);
@Autowired
+ private AuditManager auditManager;
+
+ @Autowired
private ConfDAO confDAO;
@Autowired
@@ -65,7 +72,12 @@ public class UserRequestController {
@Transactional(readOnly = true)
public UserTO read() throws NotFoundException {
- return dataBinder.getAuthUserTO();
+ UserTO userTO = dataBinder.getAuthUserTO();
+
+ auditManager.audit(Category.userRequest, UserRequestSubCategory.read, Result.success,
+ "Successfully read self data");
+
+ return userTO;
}
private Boolean isCreateAllowedByConf() {
@@ -78,6 +90,9 @@ public class UserRequestController {
@Transactional(readOnly = true)
public ModelAndView isCreateAllowed() {
+ auditManager.audit(Category.userRequest, UserRequestSubCategory.isCreateAllowed, Result.success,
+ "Successfully checked whether self create is allowed");
+
return new ModelAndView().addObject(isCreateAllowedByConf());
}
@@ -95,47 +110,38 @@ public class UserRequestController {
try {
dataBinder.testCreate(userTO);
} catch (RollbackException e) {
+ LOG.debug("Testing create - ignore exception");
}
UserRequest request = new UserRequest();
request.setUserTO(userTO);
request = userRequestDAO.save(request);
+ auditManager.audit(Category.userRequest, UserRequestSubCategory.create, Result.success,
+ "Successfully created user request for " + request.getUserTO().getUsername());
+
return dataBinder.getUserRequestTO(request);
}
@PreAuthorize("isAuthenticated()")
@RequestMapping(method = RequestMethod.POST, value = "/update")
- public UserRequestTO update(@RequestBody final UserMod userMod) throws NotFoundException, UnauthorizedRoleException {
+ public UserRequestTO update(@RequestBody final UserMod userMod)
+ throws NotFoundException, UnauthorizedRoleException {
LOG.debug("Request user update called with {}", userMod);
try {
dataBinder.testUpdate(userMod);
} catch (RollbackException e) {
+ LOG.debug("Testing update - ignore exception");
}
UserRequest request = new UserRequest();
request.setUserMod(userMod);
request = userRequestDAO.save(request);
- return dataBinder.getUserRequestTO(request);
- }
-
- @PreAuthorize("isAuthenticated()")
- @RequestMapping(method = RequestMethod.POST, value = "/delete")
- public UserRequestTO delete(@RequestBody final Long userId) throws NotFoundException, UnauthorizedRoleException {
-
- LOG.debug("Request user delete called with {}", userId);
-
- try {
- dataBinder.testDelete(userId);
- } catch (RollbackException e) {
- }
-
- UserRequest request = new UserRequest();
- request.setUserId(userId);
- request = userRequestDAO.save(request);
+ auditManager.audit(Category.userRequest, UserRequestSubCategory.update, Result.success,
+ "Successfully updated user request for " + request.getUserMod().getUsername());
return dataBinder.getUserRequestTO(request);
}
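Review bot: The new `LOG.debug("Testing create - ignore exception")` and `LOG.debug("Testing update - ignore exception")` lines drop the caught RollbackException, so an unexpected rollback cause is indistinguishable from the expected one. Pass the exception as the last argument, e.g. `LOG.debug("Testing update - ignore exception", e);`, and add a short comment saying why the rollback is expected. Separately, the update audit names its subject with `request.getUserMod().getUsername()`; if UserMod carries a username only when it is being changed (not visible here), the record shows `null` or the new name rather than the targeted account. Logging the target user's identifier would be more reliable.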
@@ -150,6 +156,9 @@ public class UserRequestController {
result.add(dataBinder.getUserRequestTO(request));
}
+ auditManager.audit(Category.userRequest, UserRequestSubCategory.list, Result.success,
+ "Successfully listed all user requests: " + result.size());
+
return result;
}
@@ -163,6 +172,31 @@ public class UserRequestController {
throw new NotFoundException("User request " + requestId);
}
+ auditManager.audit(Category.userRequest, UserRequestSubCategory.read, Result.success,
+ "Successfully read user request for " + request.getUserTO().getUsername());
+
+ return dataBinder.getUserRequestTO(request);
+ }
+
+ @PreAuthorize("isAuthenticated()")
+ @RequestMapping(method = RequestMethod.POST, value = "/delete")
+ public UserRequestTO delete(@RequestBody final Long userId) throws NotFoundException, UnauthorizedRoleException {
+
+ LOG.debug("Request user delete called with {}", userId);
+
+ try {
+ dataBinder.testDelete(userId);
+ } catch (RollbackException e) {
+ LOG.debug("Testing delete - ignore exception");
+ }
+
+ UserRequest request = new UserRequest();
+ request.setUserId(userId);
+ request = userRequestDAO.save(request);
+
+ auditManager.audit(Category.userRequest, UserRequestSubCategory.delete, Result.success,
+ "Successfully deleted user request for user" + userId);
+
return dataBinder.getUserRequestTO(request);
}
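Review bot: The audit line added to read(requestId) dereferences `request.getUserTO().getUsername()`, but only create() calls `setUserTO`; update() stores a UserMod and delete() stores a user id. Unless UserRequest derives a UserTO for those cases (not visible here), reading an update or delete request now throws NullPointerException instead of returning it. Identify the request by its own id, e.g. `"Successfully read user request: " + requestId`. The method's signature is outside this hunk.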
@@ -175,6 +209,9 @@ public class UserRequestController {
throw new NotFoundException("User request " + requestId);
}
+ auditManager.audit(Category.userRequest, UserRequestSubCategory.delete, Result.success,
+ "Successfully deleted user request for user" + request.getUserId());
+
userRequestDAO.delete(requestId);
}
}
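Review bot: The audit record claiming "Successfully deleted" is written before `userRequestDAO.delete(requestId)` runs, so a failing delete still leaves a success entry; move the audit call after the delete. The message also concatenates `"...for user" + request.getUserId()` without a separating space, and `getUserId()` is presumably null for create and update requests, so logging `requestId` would be more informative. This method and the relocated delete(userId) in the previous hunk both use `UserRequestSubCategory.delete`, which makes "asked for a user to be deleted" and "removed a pending request" indistinguishable in the trail.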
Modified: incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/VirtualSchemaController.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/VirtualSchemaController.java?rev=1301670&r1=1301669&r2=1301670&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/VirtualSchemaController.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/VirtualSchemaController.java Fri Mar 16 17:55:21 2012
@@ -31,15 +31,22 @@ import org.springframework.web.bind.anno
import org.springframework.web.bind.annotation.RequestMethod;
import org.syncope.client.to.VirtualSchemaTO;
import org.syncope.client.validation.SyncopeClientCompositeErrorException;
+import org.syncope.core.audit.AuditManager;
import org.syncope.core.persistence.beans.AbstractVirSchema;
import org.syncope.core.persistence.dao.VirSchemaDAO;
import org.syncope.core.rest.data.VirtualSchemaDataBinder;
+import org.syncope.types.AuditElements.Category;
+import org.syncope.types.AuditElements.Result;
+import org.syncope.types.AuditElements.SchemaSubCategory;
@Controller
@RequestMapping("/virtualSchema")
public class VirtualSchemaController extends AbstractController {
@Autowired
+ private AuditManager auditManager;
+
+ @Autowired
private VirSchemaDAO virtualSchemaDAO;
@Autowired
@@ -51,10 +58,12 @@ public class VirtualSchemaController ext
@RequestBody final VirtualSchemaTO virtualSchemaTO, @PathVariable("kind") final String kind)
throws SyncopeClientCompositeErrorException {
- AbstractVirSchema virtualSchema = virtualSchemaDataBinder.create(virtualSchemaTO, getAttributableUtil(kind)
- .newVirtualSchema(), getAttributableUtil(kind).schemaClass());
+ AbstractVirSchema virtualSchema = virtualSchemaDAO.save(virtualSchemaDataBinder.create(
+ virtualSchemaTO, getAttributableUtil(kind).newVirtualSchema(),
+ getAttributableUtil(kind).schemaClass()));
- virtualSchema = virtualSchemaDAO.save(virtualSchema);
+ auditManager.audit(Category.schema, SchemaSubCategory.createVirtual, Result.success,
+ "Successfully created virtual schema: " + kind + "/" + virtualSchema.getName());
response.setStatus(HttpServletResponse.SC_CREATED);
return virtualSchemaDataBinder.getVirtualSchemaTO(virtualSchema);
@@ -62,18 +71,19 @@ public class VirtualSchemaController ext
@PreAuthorize("hasRole('SCHEMA_DELETE')")
@RequestMapping(method = RequestMethod.DELETE, value = "/{kind}/delete/{schema}")
- public void delete(HttpServletResponse response, @PathVariable("kind") final String kind,
+ public void delete(@PathVariable("kind") final String kind,
@PathVariable("schema") final String virtualSchemaName) throws NotFoundException {
Class reference = getAttributableUtil(kind).virtualSchemaClass();
AbstractVirSchema virtualSchema = virtualSchemaDAO.find(virtualSchemaName, reference);
if (virtualSchema == null) {
- LOG.error("Could not find virtual schema '" + virtualSchemaName + "'");
-
- throw new NotFoundException(virtualSchemaName);
- } else {
- virtualSchemaDAO.delete(virtualSchemaName, getAttributableUtil(kind));
+ throw new NotFoundException("Virtual schema '" + virtualSchemaName + "'");
}
+
+ virtualSchemaDAO.delete(virtualSchemaName, getAttributableUtil(kind));
+
+ auditManager.audit(Category.schema, SchemaSubCategory.deleteVirtual, Result.success,
+ "Successfully deleted virtual schema: " + kind + "/" + virtualSchema.getName());
}
@RequestMapping(method = RequestMethod.GET, value = "/{kind}/list")
@@ -83,10 +93,12 @@ public class VirtualSchemaController ext
List<VirtualSchemaTO> virtualSchemaTOs = new ArrayList<VirtualSchemaTO>(virtualAttributeSchemas.size());
for (AbstractVirSchema virtualSchema : virtualAttributeSchemas) {
-
virtualSchemaTOs.add(virtualSchemaDataBinder.getVirtualSchemaTO(virtualSchema));
}
+ auditManager.audit(Category.schema, SchemaSubCategory.listVirtual, Result.success,
+ "Successfully listed all virtual schemas: " + kind + "/" + virtualSchemaTOs.size());
+
return virtualSchemaTOs;
}
@@ -98,10 +110,12 @@ public class VirtualSchemaController ext
Class reference = getAttributableUtil(kind).virtualSchemaClass();
AbstractVirSchema virtualSchema = virtualSchemaDAO.find(virtualSchemaName, reference);
if (virtualSchema == null) {
- LOG.error("Could not find virtual schema '" + virtualSchemaName + "'");
- throw new NotFoundException(virtualSchemaName);
+ throw new NotFoundException("Virtual schema '" + virtualSchemaName + "'");
}
+ auditManager.audit(Category.schema, SchemaSubCategory.readVirtual, Result.success,
+ "Successfully read virtual schema: " + kind + "/" + virtualSchema.getName());
+
return virtualSchemaDataBinder.getVirtualSchemaTO(virtualSchema);
}
@@ -113,14 +127,16 @@ public class VirtualSchemaController ext
Class reference = getAttributableUtil(kind).virtualSchemaClass();
AbstractVirSchema virtualSchema = virtualSchemaDAO.find(virtualSchemaTO.getName(), reference);
if (virtualSchema == null) {
- LOG.error("Could not find virtual schema '" + virtualSchemaTO.getName() + "'");
- throw new NotFoundException(virtualSchemaTO.getName());
+ throw new NotFoundException("Virtual schema '" + virtualSchema.getName() + "'");
}
- virtualSchema = virtualSchemaDataBinder.update(virtualSchemaTO, virtualSchema, getAttributableUtil(kind)
- .schemaClass());
-
+ virtualSchema = virtualSchemaDataBinder.update(virtualSchemaTO, virtualSchema,
+ getAttributableUtil(kind).schemaClass());
virtualSchema = virtualSchemaDAO.save(virtualSchema);
+
+ auditManager.audit(Category.schema, SchemaSubCategory.updateVirtual, Result.success,
+ "Successfully updated virtual schema: " + kind + "/" + virtualSchema.getName());
+
return virtualSchemaDataBinder.getVirtualSchemaTO(virtualSchema);
}
}
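Review bot: Inside the `if (virtualSchema == null)` branch the new exception message calls `virtualSchema.getName()`, which always throws NullPointerException, so an update of a non-existent virtual schema no longer produces NotFoundException. The removed line used the request object, and the replacement should too: `throw new NotFoundException("Virtual schema '" + virtualSchemaTO.getName() + "'");`. The read and delete hunks above build the same message from `virtualSchemaName` and are not affected. The method's signature is outside this hunk.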
Modified: incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/WorkflowController.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/WorkflowController.java?rev=1301670&r1=1301669&r2=1301670&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/WorkflowController.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/controller/WorkflowController.java Fri Mar 16 17:55:21 2012
@@ -18,6 +18,7 @@
*/
package org.syncope.core.rest.controller;
+import java.util.List;
import javassist.NotFoundException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
@@ -28,14 +29,21 @@ import org.springframework.web.bind.anno
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
import org.syncope.client.to.WorkflowDefinitionTO;
+import org.syncope.core.audit.AuditManager;
import org.syncope.core.workflow.UserWorkflowAdapter;
import org.syncope.core.workflow.WorkflowException;
+import org.syncope.types.AuditElements.Category;
+import org.syncope.types.AuditElements.Result;
+import org.syncope.types.AuditElements.WorkflowSubCategory;
@Controller
@RequestMapping("/workflow")
public class WorkflowController extends AbstractController {
@Autowired
+ private AuditManager auditManager;
+
+ @Autowired
private UserWorkflowAdapter wfAdapter;
@PreAuthorize("hasRole('WORKFLOW_DEF_READ')")
@@ -43,7 +51,12 @@ public class WorkflowController extends
@Transactional(readOnly = true)
public WorkflowDefinitionTO getDefinition() throws WorkflowException {
- return wfAdapter.getDefinition();
+ WorkflowDefinitionTO result = wfAdapter.getDefinition();
+
+ auditManager.audit(Category.workflow, WorkflowSubCategory.getDefinition, Result.success,
+ "Successfully got workflow definition");
+
+ return result;
}
@PreAuthorize("hasRole('WORKFLOW_DEF_UPDATE')")
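Review bot: Only the success path of `getDefinition()` is audited: if `wfAdapter.getDefinition()` throws WorkflowException, the method exits before `auditManager.audit(...)` and no `Result.failure` record is written. The same holds for `updateDefinition` and `getDefinedTasks` in the next hunk, whereas the NotificationJob change in this commit does audit `Result.failure` with the throwable. Unless failures are audited by an exception handler that is not visible here, catch the exception around the adapter call, audit the failure and rethrow. This matters most for the privileged `updateDefinition`, where a failed attempt belongs in the trail.
```java
public WorkflowDefinitionTO getDefinition() throws WorkflowException {
    WorkflowDefinitionTO result;
    try {
        result = wfAdapter.getDefinition();
    } catch (WorkflowException e) {
        auditManager.audit(Category.workflow, WorkflowSubCategory.getDefinition, Result.failure,
                "Could not get workflow definition", e);
        throw e;
    }
    // … unchanged: success audit and return result …
```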
@@ -52,12 +65,20 @@ public class WorkflowController extends
throws NotFoundException, WorkflowException {
wfAdapter.updateDefinition(definition);
+
+ auditManager.audit(Category.workflow, WorkflowSubCategory.updateDefinition, Result.success,
+ "Successfully updated workflow definition");
}
@PreAuthorize("hasRole('WORKFLOW_TASK_LIST')")
@RequestMapping(method = RequestMethod.GET, value = "/tasks")
public ModelAndView getDefinedTasks() throws WorkflowException {
- return new ModelAndView().addObject(wfAdapter.getDefinedTasks());
+ List<String> definedTasks = wfAdapter.getDefinedTasks();
+
+ auditManager.audit(Category.workflow, WorkflowSubCategory.getDefinedTasks, Result.success,
+ "Successfully got the list of defined workflow tasks: " + definedTasks.size());
+
+ return new ModelAndView().addObject(definedTasks);
}
}
Modified: incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/data/ResourceDataBinder.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/data/ResourceDataBinder.java?rev=1301670&r1=1301669&r2=1301670&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/data/ResourceDataBinder.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/data/ResourceDataBinder.java Fri Mar 16 17:55:21 2012
@@ -126,12 +126,7 @@ public class ResourceDataBinder {
return resource;
}
- public List<ResourceTO> getResourceTOs(Collection<ExternalResource> resources) {
-
- if (resources == null) {
- return null;
- }
-
+ public List<ResourceTO> getResourceTOs(final Collection<ExternalResource> resources) {
List<ResourceTO> resourceTOs = new ArrayList<ResourceTO>();
for (ExternalResource resource : resources) {
resourceTOs.add(getResourceTO(resource));
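Review bot: With the null guard removed, `getResourceTOs` throws NullPointerException at the `for` loop when `resources` is null, where it used to return null. If any caller can still pass a null collection, this is a behaviour change. Returning an empty list would keep such callers working without reintroducing a null return: `if (resources == null) { return new ArrayList<ResourceTO>(); }`. The sibling `getResourceTO` in the next hunk keeps its own null check, so the two methods now treat null differently. The end of `getResourceTOs` lies in the next hunk.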
@@ -140,7 +135,7 @@ public class ResourceDataBinder {
return resourceTOs;
}
- public ResourceTO getResourceTO(ExternalResource resource) {
+ public ResourceTO getResourceTO(final ExternalResource resource) {
if (resource == null) {
return null;
Modified: incubator/syncope/trunk/core/src/main/java/org/syncope/core/scheduling/NotificationJob.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/syncope/core/scheduling/NotificationJob.java?rev=1301670&r1=1301669&r2=1301670&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/syncope/core/scheduling/NotificationJob.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/syncope/core/scheduling/NotificationJob.java Fri Mar 16 17:55:21 2012
@@ -31,11 +31,15 @@ import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mail.javamail.JavaMailSenderImpl;
import org.springframework.mail.javamail.MimeMessageHelper;
+import org.syncope.core.audit.AuditManager;
import org.syncope.core.persistence.beans.NotificationTask;
import org.syncope.core.persistence.beans.TaskExec;
import org.syncope.core.persistence.dao.ConfDAO;
import org.syncope.core.persistence.dao.TaskDAO;
import org.syncope.core.persistence.dao.TaskExecDAO;
+import org.syncope.types.AuditElements.Category;
+import org.syncope.types.AuditElements.NotificationSubCategory;
+import org.syncope.types.AuditElements.Result;
import org.syncope.types.TraceLevel;
/**
@@ -57,6 +61,9 @@ public class NotificationJob implements
*/
private static final Logger LOG = LoggerFactory.getLogger(NotificationJob.class);
+ @Autowired
+ private AuditManager auditManager;
+
/**
* Task DAO.
*/
@@ -94,8 +101,8 @@ public class NotificationJob implements
smtpUsername = confDAO.find("smtp.username", "").getValue();
smtpPassword = confDAO.find("smtp.password", "").getValue();
- LOG.debug("SMTP details fetched: {}:{} / {}:[PASSWORD_NOT_SHOWN]", new Object[] { smtpHost, smtpPort,
- smtpUsername });
+ LOG.debug("SMTP details fetched: {}:{} / {}:[PASSWORD_NOT_SHOWN]",
+ new Object[]{smtpHost, smtpPort, smtpUsername});
}
public TaskExec executeSingle(final NotificationTask task) {
@@ -154,10 +161,11 @@ public class NotificationJob implements
StringBuilder report = new StringBuilder();
switch (task.getTraceLevel()) {
case ALL:
- report.append("FROM: ").append(task.getSender()).append('\n').append("TO: ").append(to)
- .append('\n').append("SUBJECT: ").append(task.getSubject()).append('\n').append(
- '\n').append(task.getTextBody()).append('\n').append('\n').append(
- task.getHtmlBody()).append('\n');
+ report.append("FROM: ").append(task.getSender()).append('\n').
+ append("TO: ").append(to).append('\n').
+ append("SUBJECT: ").append(task.getSubject()).append('\n').append('\n').
+ append(task.getTextBody()).append('\n').append('\n').
+ append(task.getHtmlBody()).append('\n');
break;
case SUMMARY:
@@ -171,6 +179,9 @@ public class NotificationJob implements
if (report.length() > 0) {
execution.setMessage(report.toString());
}
+
+ auditManager.audit(Category.notification, NotificationSubCategory.sent, Result.success,
+ "Successfully sent notification to " + to);
} catch (Throwable t) {
LOG.error("Could not send e-mail", t);
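Review bot: The added audit message embeds the recipient address (`"Successfully sent notification to " + to`), and the failure record in the next hunk does the same. The `switch` on `task.getTraceLevel()` earlier in this method limits how much of a notification goes into the execution report, but the audit entry is written regardless of that level, so recipient addresses reach the audit trail for every task. If that is not intended, audit a task identifier instead of the address; which identifier is available is not visible here. `executeSingle` starts and ends outside the hunk.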
@@ -183,6 +194,9 @@ public class NotificationJob implements
execution.setMessage(exceptionWriter.toString());
}
+
+ auditManager.audit(Category.notification, NotificationSubCategory.sent, Result.failure,
+ "Could not send notification to " + to, t);
}
execution.setEndDate(new Date());
@@ -214,8 +228,8 @@ public class NotificationJob implements
// True if either failed and failures have to be registered, or if ALL
// has to be registered.
- return (Status.valueOf(execution.getStatus()) == Status.NOT_SENT && task.getTraceLevel().ordinal() >= TraceLevel.FAILURES
- .ordinal())
+ return (Status.valueOf(execution.getStatus()) == Status.NOT_SENT
+ && task.getTraceLevel().ordinal() >= TraceLevel.FAILURES.ordinal())
|| task.getTraceLevel() == TraceLevel.ALL;
}
}
Modified: incubator/syncope/trunk/core/src/main/java/org/syncope/core/security/SyncopeAuthenticationProvider.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/syncope/core/security/SyncopeAuthenticationProvider.java?rev=1301670&r1=1301669&r2=1301670&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/syncope/core/security/SyncopeAuthenticationProvider.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/syncope/core/security/SyncopeAuthenticationProvider.java Fri Mar 16 17:55:21 2012
@@ -84,7 +84,7 @@ public class SyncopeAuthenticationProvid
}
@Override
- @Transactional(noRollbackFor = { BadCredentialsException.class })
+ @Transactional(noRollbackFor = {BadCredentialsException.class})
public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
boolean authenticated;
@@ -116,8 +116,8 @@ public class SyncopeAuthenticationProvid
Authentication result;
if ((user == null || !user.getSuspended()) && authenticated) {
- UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(authentication
- .getPrincipal(), null, userDetailsService.loadUserByUsername(
+ UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(authentication.
+ getPrincipal(), null, userDetailsService.loadUserByUsername(
authentication.getPrincipal().toString()).getAuthorities());
token.setDetails(authentication.getDetails());
@@ -125,8 +125,8 @@ public class SyncopeAuthenticationProvid
auditManager.audit(Category.authentication, AuthenticationSubCategory.login, Result.success,
"Successfully authenticated, with roles: " + token.getAuthorities());
- LOG.debug("User {} successfully authenticated, with roles {}", authentication.getPrincipal(), token
- .getAuthorities());
+ LOG.debug("User {} successfully authenticated, with roles {}", authentication.getPrincipal(), token.
+ getAuthorities());
if (user != null) {
user.setLastLoginDate(new Date());
@@ -140,8 +140,8 @@ public class SyncopeAuthenticationProvid
userDAO.save(user);
}
- auditManager.audit(Category.authentication, AuthenticationSubCategory.login, Result.failure, "User "
- + authentication.getPrincipal() + " not authenticated");
+ auditManager.audit(Category.authentication, AuthenticationSubCategory.login, Result.failure,
+ "User " + authentication.getPrincipal() + " not authenticated");
LOG.debug("User {} not authenticated", authentication.getPrincipal());
throw new BadCredentialsException("User " + authentication.getPrincipal() + " not authenticated");